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(57) Abstract 

In a packet-based multiplexed communications system, a method of providing different sets ^^^^^^^ 
remote locadon comprises the steps of: (a) for each different set of condition* ^°™* l ° n ;^^*° ^^^^^ 

KSE?ofSSL»l access information; and (c) transmitting the table (90) and thetransport c^e^htf 
me different sX conditional access information to the remote location along with other information bearing transport packeU. A decoder 
^fr^o^uoTcan employ the transmitted table (90) to identify and extract the transport packet* mat carry a selected one of the 

sets of conditional access information. 
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METHODS FOR PROVIDING CONDITIONAL ACCESS INFORMATION TO 
DECODERS IN A PACKET-BASED MULTIPLEXED COMMUNICATIONS SYSTEM 

FIELD OF THE INVENTION 

The present invention relates to digital 
communications systems, and more particularly, to a method 
for providing conditional access information to decoders in a 
5 multiplexed communications system. 

BACKGROUND OF THE INVENTION 

Recently, the International Organization for 
Standardization (ISO) adopted a standard protocol for 

10 combining one or more "elementary streams" of coded video, 
audio or other data into a single bitstream suitable for 
transmission. The standard (ISO 13 818) , hereinafter referred 
to as the "MPEG-2 Systems" standard, is described in detail 
in the MPEG-2 Systems Committee Draft (ISO/IEC 

15 JTC1/SC29/WG11/N0601, November, 1993) [hereinafter "MPEG-2 
Systems Committee Draft"] , which is hereby incorporated by 
reference. An overview of the MPEG-2 Systems standard is 
provided in Wasilewski, The MPEG-2 Systems Specification: 
Blueprint for Network Interoperability (January 3, 1994), 

20 which is also hereby incorporated by reference. The MPEG-2 
Systems standard provides a syntax and set of semantic rules 
for the construction of bitstreams containing a multiplexed 
combination of one or more "programs." A "program" is 
composed of one or more related elementary streams . An 

25 "elementary stream" is the coded representation of a single 
video, audio or other data stream that shares the common 
timebase of the program of which it is a member. For 
example, in the context of a subscription television system, 
a "program" may comprise a network television broadcast 

30 consisting of two elementary streams: a video stream and an 
audio stream. 

As the MPEG-2 Systems standard developed, a two- 
level packet -based multiplexing scheme emerged. At the first 
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level, each elementary stream to be transmitted, i.e., the 
coded data for one video, audio or other data stream, is 
packetized to form a Packetized Elementary Stream (PES) . 
Each PES packet in a given Packetized Elementary Stream 
5 consists of a PES packet header followed by a variable length 
payload containing the coded data of that elementary stream. 
The Packetized Elementary Stream structure provides a means 
for packaging subparts of a longer elementary stream into 
consecutive packets along with associated indicators and 

10 overhead information used to synchronize the presentation of 
that elementary stream with other related elementary streams 
(e.g., elementary streams of the same program). Each 
elementary stream, in its Packetized Elementary Stream 
format, is assigned a unique "Packet ID" (PID) . For example, 

15 the video elementary stream for a network television program 
may be assigned a PID of "10", and the audio elementary 
stream for that program may be assigned a PID of "23", and so 
on. 

At the second level, one or more Packetized 

20 Elementary Streams may be further segmented or "packetized" 
to facilitate combining those streams into a single bitstream 
for transmission over some medium. Ultimately, two different 
"second level" protocols for combining one or more Packetized 
Elementary Streams into a single bitstream emerged: 1) the 

25 Program Stream (PS) protocol and 2) the Transport Stream 
protocol. Both stream protocols are packet-based and fall 
into the category of "transport layer" entities, as defined 
by the ISO Open System Interconnection (OSI) reference model. 
Program Streams utilize variable-length packets and are 

3 0 intended for "error- free" environments in which software 
parsing is desired. Program Stream packets are generally 
relatively large (IK to 2K bytes) . Transport Streams utilize 
fixed length packets and are intended for transmission in 
noisy or errored environments. Each Transport Stream packet 

3 5 comprises a header portion and a payload portion. Transport 
Stream packets have a relatively short length of 188 bytes 
and include features for enhanced error resiliency and packet 
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loss detection. The remaining background discussion will 
focus primarily on the MPEG-2 Transport Stream protocol. 

As finally adopted, the Transport Stream protocol 
provides a standard format (i.e., syntax and set of semantic 
5 rules) for combining one or more Packet ized Elementary 
Streams into a single "Transport Stream" that may then be 
transmitted over some medium. Essentially, the individual 
packets of each Packetized Elementary Stream are segmented 
and inserted into the payload sections of successive 
10 Transport Packets. That is, each Packetized Elementary 
Stream is inserted into a respective sequence of Transport 
Packets. The PID associated with a given Packetized 
Elementary Stream is then inserted into the headers of each 
Transport Packet that carries data from that Packetized 

15 Elementary Stream. 

The Transport Packets formed from each Packetized 
Elementary Stream are then multiplexed to form a single 
outgoing bitstream or "Transport Stream." Thus, a Transport 
Stream comprises a continuous sequence of Transport Packets, 

20 each of which may carry data from one of a plurality of 
Packetized Elementary Streams. Figure 1 graphically 
illustrates this two level multiplexing approach. As shown, 
an elementary stream 2, which may comprise a stream of coded 
video or audio data/ is segmented and inserted into the 

25 payloads of a plurality of successive packets 4 to form a 
Packetized Elementary Stream. Each packet 4 of the 
Packetized Elementary Stream is then segmented and inserted 
into the payloads of a consecutive sequence of Transport 
Packets 6. The header of each Transport Packet 6 will 

30 contain the PID associated with that elementary stream 2. 

As explained above, the Transport Packets formed 
from a number of different elementary streams are then 
multiplexed to form a single outgoing Transport Stream. At a 
decoder location, a given elementary stream can be recovered 

35 from the incoming Transport Stream by simply extracting every 
incoming Transport Packet whose header contains the PID 
assigned to that elementary stream. A group of related 
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elementary streams (e.g. audio, video etc.) can be extracted 
to reproduce a complete "program." The two-level packet- 
based multiplexing approach of the MPEG- 2 Systems standard 
can be used in a wide variety of applications. For example, 
5 such a multiplexing approach is particularly well suited for 
the transmission of audio and video programming in a 
subscription television system, such as a CATV or Direct 
Broadcast Satellite (DBS) system. 

As originally proposed by Applicant and ultimately 

10 adopted by the MPEG- 2 Systems Committee, each "program" 

(i.e., a combination of related elementary streams) carried 
in a given Transport Stream is assigned a unique "program 
number" to facilitate selection of a program for viewing at a 
decoder location. To facilitate extraction of a selected 

15 program from an incoming Transport Stream, a Program Map 

Table is transmitted to the decoder that contains a "program 

definition." for- each user selectable program number. The.. 

program definition for a given program number identifies, 
which elementary streams in the incoming Transport Stream 

20 "make-up" that program. Specifically, the program, definition 
for a given program specifies the Packet IDs associated with 
each elementary stream of the selected program. For example, 
a television program will typically comprise a video 
elementary stream and an associated audio elementary stream. 

25 The program definition for that television program will 
contain two PID values, one that identifies the video 
elementary stream and one that identifies the audio 
elementary stream. Once the^PID's are known, the decoder can 
simply extract every incoming Transport Packet whose header 

3 0 contains a PID that matches one of those listed in the 

program definition. The audio and video elementary stream 
data can then be recovered from the extracted Transport 
Packets and processed for output to a television or other 
device . 

3 5 As the MPEG- 2 Systems standard developed, it was 

suggested by members of the MPEG- 2 Systems Committee that the 
standard accommodate encryption or scrambling of elementary 
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stream data on an individual stream basis. Ultimately, the 
MPEG-2 Systems Committee decided that encryption of 
elementary stream data could be performed at the Transport 
Packet level. Specifically, when it is desired to encrypt a 
5 given elementary stream, rather than encrypting the 

elementary stream data in its raw form, encryption can be 
performed by encrypting the payload portion of each Transport 
Packet that carries data of that elementary stream. 

At this point it is important to note that the 
10 MPEG-2 Systems standard does not dictate the mechanism or 
algorithm by which elementary streams are to be encrypted or 
scrambled. Rather, individual system vendors may employ 
their own proprietary encryption schemes. What the MPEG-2 
Systems standard recognizes, however, is that any encryption 
15 or scrambling technique will require that encryption related 
information be transmitted to system decoders in order to 
facilitate decryption or de scrambling at. each decoder. 

For example, it is expected that many vendors of 
MPEG-2 compliant transmission systems will implement private- 
20 key cryptographic techniques for uniquely encrypting 

different elementary streams. With private key cryptography, 
encryption control words (sometimes also referred to as 
encryption seeds) are generated at the encryption site and 
are used to '•key- the encryption algorithm in order to 
produce a pseudo-random binary sequence, sometimes referred 
to as a "key stream". Many private key cryptographic systems 
are expected to employ the well known Data Encryption 
Standard (DES) algorithm. Encryption of a clear data stream, 
such as the elementary stream data in the payload section of 
a Transport Packet, is accomplished by combining the clear 
data with the key stream in a pre-defined manner, such as, 
for example, by performing a bitwise exclusive-OR operation 
on the two streams. In an MPEG-2 compliant system, unique 
encryption of each elementary stream can be achieved simply 
by employing different encryption control words for each 
elementary stream. Decryption of a given elementary stream 
at a decoder can only be performed if the decoder is provided 
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with the encryption control words used to encrypt that 
elementary stream. Accordingly, it will be necessary in any 
MPEG- 2 system that employs private key cryptography to 
provide a mechanism for transmitting encryption control 
5 words, and other encryption related information, to each 
decoder. 

As development of the MPEG- 2 Systems standard 
progressed, the MPEG- 2 Systems Committee decided that 
encryption related information (sometimes referred to in the 

10 art as "conditional access information") would be transmitted 
to decoders in the form of Entitlement Control Messages 
(ECMs) . Each ECM typically will contain encryption or 
scrambling related information for only one of the elementary 
streams in a given Transport Stream. As such, an ECM is 

15 stream-specific. For example, in a system employing a 

private-key cryptographic technique, an ECM may be used to 
transmit the encryption control words necessary for 
decrypting a particular elementary stream. ECMs for a given 
elementary stream may be transmitted in dedicated Transport 

20 Packets, or alternatively, may be transmitted in "adaptation 
fields" of the Transport Packets that carry that elementary 
stream. ECMs can be retrieved by a decoder in order to 
decrypt the elementary stream data of a user selected 
program . 

25 It should be noted that the MPEG-2 Systems standard 

does not dictate the content or format of an ECM. The MPEG-2 
Systems standard merely dictates how ECMs are to be 
transmitted within a given Transport Stream. Details of the 
encryption hardware and the content of an ECM are left to 

30 individual system vendors. Accordingly, a vendor supplying 
encoding and decoding equipment that operates in accordance 
with the MPEG-2 Systems standard may develop its own 
encryption scheme and associated ECM format. 

Applicant and his Assignee have been actively 

35 involved in the development of the MPEG-2 Systems standard 
and have contributed to various aspects of the standard. As 
Applicant recognized during development of the encryption 
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related aspects of the MPEG-2 Systems standard, because each 
ECM in a given Transport Stream relates to a particular 
elementary stream, a mechanism is needed for identifying 
which ECMs are associated with each elementary stream. For 
5 example, when a decoder begins extracting the Transport 
Packets that contain the elementary streams of a selected 
program, the decoder must be able to locate and extract the 
ECMs that contain the encryption related information 
necessary for descrambling or decrypting each of those 

10 elementary streams. 

Applicant further recognized that in many 
applications, particularly subscription television 
applications, it is desirable to provide various decoders in 
the system with other decoder specific and/or system-wide 

15 "conditional access" information. For example, it is often 
desirable to transmit authorization information to various 
decoders or groups of decoders for controlling access to 
different programs or tiers of programs in a given Transport 
Stream. Recognizing the need to provide such decoder 

20 specific and/or system wide conditional access information to 
decoders, it was suggested by the MPEG-2 Systems Committee 
that such information could be transmitted to decoders in the 
form of Entitlement Management Messages (EMMs) , which would 
be similar to the ECMs used to transmit stream- specif ic 

25 conditional access information. The concept of an 

Entitlement Management Message is well known in the prior 
art. Applicant realized, however, that in a typical 
application, such as a subscription television application, 
it is likely that a number of different vendors might provide 

30 decoders to different subscribers in the same system. Each 
vendor's decoder will most likely operate in accordance with 
that vendor's own proprietary conditional access subsystem. 
Consequently, it will be necessary to transmit different EMM 
streams to support each of the different conditional access 

35 systems being employed. As a result, a mechanism will be 
needed for directing each decoder to the appropriate EMMs 
carried in a given Transport Stream. 
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Applicant's invention addresses both of the 
foregoing needs by providing novel methods for locating 
conditional access information transmitted in a packet-based 
multiplexed communications system, such as an MPEG-2 
5 compliant communications system. Applicant, on behalf of his 
Assignee, proposed the methods of the present invention for 
inclusion in the MPEG- 2 Systems standard, and the methods of 
the present invention, as defined by the appended claims, 
were substantially adopted as part of the MPEG- 2 Systems 
standard. Applicant described his proposal in a paper 
presented to the International Standards Organization (ISO), 
entitled "Syntax Proposal for MPEG- 2 Transport Stream Program 
Specific Information", ISO/IEC JTC1/SC29/WG11 MPEG 93/612 
{July, 1993), which is hereby incorporated by reference. 

15 

SUMMARY OF THE INVENTION' 

The present invention is directed to methods for 
providing conditional access information to decoders in a 
packet -based multiplexed communications system wherein a 
plurality of different elementary streams are each segmented 
and inserted into respective transport packets that are then 
multiplexed to form a single transport stream for 
transmission to a remote location. More specifically, the 
present invention is directed to methods for providing a 
25 plurality of different sets of conditional access information 
to a remote location and for facilitating access to a 
selected. one. of those sets of conditional access information 
by a decoder at the remote location. Generally, the methods 
of the present invention comprise the steps of: (a) for each 
3 0 set of conditional access information, inserting the set of 
conditional access information into a respective sequence of 
transport packets, assigning a unique packet ID to that set 
of conditional access information and inserting the unique 
packet ID in a header section of each transport packet of the 
3 5 sequence that carries that set of conditional access 

information; (b) generating a table that specifies, for each 
set of conditional access information, the packet ID of the 
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transport packets that carry that set of conditional access 
information; and (c) transmitting the table and the transport 
packets that carry each of the different sets of conditional 
access information to the remote location along with the 
5 transport packets that carry the different elementary 

streams. A decoder at the remote location can employ the 
transmitted table to identify and extract the transport 
packets that carry a selected one of the sets of conditional 
access information. 

This general method is employed in one embodiment 
of the present invention to provide stream-specific 
encryption related information to a remote location m 
particular, when the elementary streams to be transmitted to 
the remote location are separately and uniquely encrypted 
prior to transmission, encryption related information 
specific to each elementary stream is generated and must be 
provided to the remote location for decryption purposes. A 
method of providing the encryption related information for 
each elementary stream to the remote location in accordance 
with the present invention comprises the steps of: (a) for 
each elementary stream, inserting the encryption related 
information for that elementary stream into a respective 
sequence of transport packets; (b) generating a table that 
spec^xes, for each elementary stream, which of the transport 
packets generated in step (a) carry the encryption related 
information for that elementary stream; and (c) transmitting 
the table and the transport packets that carry the encryption 
related information for each elementary stream to the remote 
location along with the transport packets that carry the 
encrypted data of each elementary stream. Preferably, in 
step (a) , for each elementary stream, a unique packet ID is 
assigned to the encryption related information for that 
elementary stream and the unique packet ID is then inserted 
m a header section of each transport packet that carries a 
portion of the encryption related information for that 
elementary stream. The table generated in step (b) then 
preferably specifies, for each elementary stream, the packet 
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ID of the transport packets that carry the encryption related 
information for that elementary stream. A decoder at the 
remote location can access the table to identify which 
transport packets transmitted in step (c) carry the 
5 encryption related information for a selected one of the 
elementary streams. In an application wherein different 
groups of related elementary streams define a plurality of 
different programs, the aforementioned table is preferably 
incorporated as part of a Program Map Table that specifies, 

10 for each of the different programs, which of the different 
elementary streams comprise that program . 

Another embodiment of the present invention is 
applicable to a packet -based multiplexed communications 
system in which a transport stream is to be transmitted to a 

15 plurality of different remote locations, wherein each remote 
location employs a decoder that operates in accordance with 
one of a plurality of different conditional access systems . 
In such a system, a different set of conditional access 
information must* be carried in the transport stream to 

2 0 support each of the different conditional access systems 

employed by the various decoders in the system. A method of 
providing each of the different sets of conditional access 
information to the remote locations in accordance with the 
present invention comprises the steps of: (a) for each 

2 5 different set of conditional access information, inserting 

the set of conditional access information into a respective 
sequence of transport packets , , assigning, .a unique packet ID 
to that set of conditional access information and inserting 
the unique packet ID in a header section of each transport 

3 0 packet that carries a portion of that set of conditional 

access information; (b) generating a table that specifies, 
for each of the different conditional access systems, the 
packet ID of the transport packets that carry the set of 
conditional access information for that conditional access 
35 system; and (c) transmitting the table and the transport 

packets that carry each of the different sets of conditional 
access information to the remote location along with the 
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transport packets that carry the different elementary 
streams. A decoder at one of the remote locations, which 
operates in accordance with one of the different conditional 
access systems, can employ the transmitted table to identify 
5 and extract the transport packets that carry the set of 
conditional access information for the conditional access 
system upon which that decoder operates. In a preferred 
embodiment, each of the different sets of conditional access 
■information comprises a plurality of Entitlement Management 
Messages unique to a particular one of the different 
conditional access systems. 

Additional features and advantages of the present 
invention will become evident hereinafter. 

BRIEF DESCRIPTTnM Q F TWF. m»BT B M 
The foregoing summary, as well as the following 
detailed description of the preferred embodiments, is better 
understood when read in conjunction with the appended 
drawings. For the purpose of illustrating the invention 
there is shown in the drawings embodiments that are presently 
preferred, it being understood, however, that the invention 
is not limited to the specific methods and instrumentalities 
. disclosed. In the drawings: 

Figure l graphically illustrates the two- level 
packetization scheme of the MPEG-2 Systems standard (ISO 
13 818); 1 &U 

Figure 2 illustrates an application of the present 
invention to a subscription television system; 

Figure 3 is a functional block diagram of an 
encoder apparatus for generating a Transport Stream and for 
providing conditional access information in accordance with 
the methods of the present invention; 

Figure 4 illustrates the general content and 
arrangement of a Program Map Table in accordance with an 
embodiment of the present invention; 
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Figure 5 illustrates the general content and 
arrangement of a Conditional Access Table in accordance with 
an embodiment of the present invention; 

Figure 6 is a functional block diagram of a decoder 
5 apparatus for receiving an MPEG-2 Transport stream and for 
extracting conditional access information in accordance with 
the methods of the present invention; 

Figures 7A and 7B are flow diagrams illustrating 
the steps to be performed at an encoder apparatus in 
10 accordance with a preferred embodiment of the methods of the 
present invention; and 

Figures 8A and 8B are flow diagrams illustrating 
the steps to be performed at a decoder apparatus in 
accordance with a preferred embodiment of the methods of the 
15 present invention. 



DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Because the present invention, as defined by the 
appended claims, has been substantially incorporated into the 
2 0 MPEG-2 Systems standard (ISO 13818) , the present invention is 
described below in the context of a packet-based multiplexed 
communications system that operates in accordance with the 
MPEG-2 Systems standard. However, it is understood that the 
methods of the present invention are by no means limited to 

2 5 systems that operate in accordance with the MPEG-2 Systems 

standard. Rather, the present invention may be employed in 
any packet-based - multiplexed communications system in which 
it is desirable to provide conditional access information to 
decoders in the system. 

3 0 Referring now to the drawings, wherein like 

numerals indicate like elements throughout, Figure 2 
illustrates an application of the methods of the present 
invention to a direct broadcast satellite (DBS) subscription 
television system 10 that operates in accordance with the 
35 MPEG-2 Systems standard. As shown in Figure 2, the exemplary 
DBS system 10 comprises an uplink site 8 for generating an 
MPEG-2 Transport Stream containing a multiplexed combination 
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of audio and video signals and for transmitting the transport 
stream to one or more subscriber locations, e.g. location 
201. The audio and video signals (e.g., Video 1, Audio 1 ... 
Video N) are input to an encoder/multiplexer 11 via 
5 respective input lines. The encoder/multiplexer 11 operates 
in accordance with the MPEG- 2 Systems standard and the 
methods of the present invention to generate a continuous 
Transport Stream comprising a time-division multiplexed 
combination of Transport Packets, each of which may contain 
the coded data of one of the video or audio signals or may 
contain conditional access related information in accordance 
with the present invention. As the transport stream is 
generated, it is supplied via line 60 to a transmitter 198 
and then to a satellite uplink 200 for transmission via 
15 satellite 203 to the subscriber location 201. The Transport 
Stream is typically transmitted over a particular transponder 
frequency. 

At the subscriber location 201, a receiver 204 is 
tuned to the particular transponder frequency for receiving 
the transport stream via a satellite down-link 202. The 
incoming Transport Stream is then provided to a decoder 2 06 
via line 205. A subscriber can employ the decoder 205 to 
retrieve the audio and video signals of a particular program 
from the incoming Transport Stream for output to a television 
set 208 or audio output device 210 at the subscriber location 
201. 

Figure 3 is a simplified, partial block diagram 
illustrating additional details of the encoder/multiplexer 11 
of Figure 2. As mentioned above, the encoder /multiplexer 11 
generates a Transport Stream in accordance with the MPEG- 2 
Systems standard and provides conditional access information 
in accordance with the methods of the present invention. In 
use, a plurality of elementary streams (i.e., coded 
representations of the video and audio signals Video 1, Audio 
3 5 l .. video N) are provided, after first being packetized into 
respective Packetized Elementary Streams, to a transport 
level packetizer 18 via lines 12, 14.. 16, respectively. As 
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explained above, in accordance with the MPEG- 2 Systems 
standard, each elementary stream is assigned a unique Packet 
ID (PID) that is used to identify that stream. In the 
example illustrated in Figure 3, the video elementary stream 
5 "Video 1" has been assigned a PID of '10', the audio 

elementary stream "Audio 1" has been assigned a PID of '12', 
and the video elementary stream "Video N" has been assigned a 
PID of 18. 

The transport level packetizer 18 operates in 
10 accordance with the MPEG-2 Systems standard to segment each 
Packetized Elementary Stream (e.g., Video 1, Audio 1.. Video 
N) and to insert successive segments of each stream into the 
payload sections of a respective sequence of Transport 
Packets. In the example illustrated in Figure 3, the 
15 transport level packetizer 18 generates a- sequence of 

Transport Packets 20 that contain the Packetized Elementary 
Stream data for "Video 1". A sequence of Transport Packets 
22 carries the Packetized Elementary Stream data for "Audio 
1", and a sequence of Transport Packets 24 carries the 
20 Packetized Elementary Stream data for "Video N" . Each 

Transport Packet in a given sequence has a header 2 6 that 
contains the PID value 3 0 associated with the elementary 
stream carried in that sequence of Transport Packets. For 
example, a PID value of '10' is inserted into the header of 

2 5 each packet in the sequence of packets 2 0 that carries the 

Packetized Elementary Stream data for "Video 1", a PID value 
of '12' is inserted into the header of each packet in the 
sequence of packets 22 that carries the Packetized Elementary 
Steam data for "Audio 1", and so on. 

3 0 For purposes of illustration only, it is assumed 

that the encoder 11 of Figure 3 will encrypt the elementary 
stream data in each respective sequence of Transport Packets 
20, 22.. 24 in accordance with a private key cryptographic 
technique, such as the well known Data Encryption Standard 
35 (DES) . It is understood, however, that the particular 

encryption or scrambling technique employed is not critical 
to the present invention. Rather, as will become evident 
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hereinafter, the present invention may be employed with any 
encryption scheme in which it is necessary to provide stream- 
specific encryption related information to a decoder for 
decryption purposes. 
5 As shown in Figure 3, each sequence of Transport 

Packets 20, 22.. 24 is fed to an encryptor apparatus 32, which 
in the present example operates in accordance with a private 
key cryptographic technique to uniquely, and individually, 
encrypt the elementary stream data carried in the payload 
sections of the Transport Packets of each sequence 20, 
22.. 24. Unique encryption control words are generated for 
each sequence of Transport Packets 20, 22.. 24 at block 34 and 
are provided to the encryptor apparatus 32 via line 35. The 
encryptor apparatus 32 encrypts the payload sections of the 
Transport Packets of each sequence 20, 22.. 24 and then 
provides each encrypted sequence of Transport Packets 20', 
22 '..24' to a transport stream multiplexer 60. As dictated 
by the MPEG-2 Systems standard, the Transport Packet headers 
are not encrypted. 

As explained in the Background of the Invention, in 
accordance with most any encryption or scrambling technique, 
encryption related information must be provided to decoders 
in order to enable the decoders to decrypt or descramble the 
encrypted data. In the present example, in which a private 
key cryptographic technique is employed to uniquely encrypt 
the elementary stream data in the Transport Packets of each 
sequence 20, 22.. 24, the unique encryption control words used 
to encrypt each sequence of Transport Packets 20, 22.. 24 must 
be provided to the decoders. It was decided by the drafters 
3 0 of the MPEG-2 Systems standard, including Applicant, that 

such encryption related information is to be provided in the 
form of Entitlement Control Messages (ECMs) . In the present 
example, an ECM will contain one or more of the encryption 
control words used to encrypt the data of a particular 
35 elementary stream. As noted in the Background of the 

Invention, the MPEG-2 Systems standard does not specify the 
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format of an ECM. Consequently, the format of an ECM may be 
tailored to a particular encryption/scrambling scheme. 

As further illustrated in Figure 3, and in 
accordance with an aspect of the present invention, the ECMs 
5 for each elementary stream are inserted into respective 
Transport Packets. For example, in Figure 3, the ECMs for 
the elementary stream -Video 1" are inserted into one or more 
Transport Packets 42, the ECMs for the elementary stream 
"Audio are inserted into one or more Transport Packets 44 
As further illustrated, each Transport Packet that contains 
ECM data for a given elementary stream is assigned the same 
unique PID value. For example, each of the Transport Packets 
4 2 containing ECMs for the video elementary stream -Video l- 
is assigned a PID value of '27', each of the Transport 
Packets 44 containing ECMs for the audio elementary stream 
"Audio 1" is assigned a PID value of '35', and so on. 

As applicant recognized, some mechanism must be 
provided for associating each encrypted elementary stream 
with the Transport Packets that carry the ECMs for that 
20 stream. According to the present invention, such an 

association or mapping is provided as part of a Program Map 
Table (PMT) transmitted to each decoder. As explained in the 
Background of the Invention, the main function of a Program 
Map Table is to specify, for each user selectable program 
number, which elementary streams "make -up" that program 
More specifically, the Program Map Table contains a "program 
definition" for each user selectable program number, and the 
program definition for a given program lists the Packet IDs 
associated with each elementary stream of that program. When 
a user selects a given program, the decoder can access the 
Program Map Table to obtain the PIDs associated with each 
elementary stream in that program. Thereafter, the decoder 
can simply extract every incoming Transport Packet having a 
PID that matches one of those listed in the program 
35 definition for the selected program. 

According to the present invention, additional 
information is provided in the Program Map Table that 
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specifies, for each elementary stream, the PID associated 
with the Transport Packets that contain the ECMs for that 
elementary stream. Figure 4 illustrates the general content 
and arrangement of a Program Map Table 68 that incorporates 
5 such additional information in accordance with a preferred 
embodiment of the present invention. As shown, the Program 
Map Table 68 comprises a Program_Map_Table_Length field 70, 
which specifies the overall length (in bytes) of the entire 
Table 68, followed by one program definition 72 for each user 
10 selectable program. Each program definition 72 begins with a 
program number field 74 that specifies the assigned program 
number for the program being defined. The program number 
field 74 may be followed by a number of other fields 76 
containing program related information not relevant to the 
15 present invention. An elementary_PlD_count field 78 

specifies the number of different elementary streams that 
"make-up" the defined program. An elementary_stream 
definition 80 is then provided for each of those elementary 
streams. Each elementary_stream definition 8 0 contains an 
elementary_PID field 82 that specifies the unique PID 
associated with the Transport Packets that carry that 
elementary stream of the defined program. According to the 
present invention, each elementary_stream definition 80 
further contains an ECM_ID field 84 that specifies the PID 
value assigned to the Transport Packets that carry the ECMs 
for the elementary stream identified in the elementary_PID 
field 82. Accordingly, when a decoder accesses the Program 
Map Table to determine the PID values for each elementary 
stream in a given program, the decoder can also obtain the 
PID values assigned to the Transport Packets that carry the 
ECMs for each of those streams. Applicant, on behalf of his 
Assignee, proposed this aspect of the present invention for 
inclusion in the MPEG-2 Systems specification, and the 
technique, as defined by the appended claims, was 
substantially adopted as part of that standard. The Program 
Map Table structure originally proposed by Applicant and 
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illustrated in Figure 4 is expressed in Table 1 in the formal 
grammar of the MPEG- 2 Systems Committee Draft. 



Syntax 



# Bits 



10 



15 



program_map_table () { 

p r ogram_map_t ab 1 e_l e n g t h 
for (i=0;i<N;i++) { 
p r o gr a m_numb e r 
other 

e 1 ement ary_PID_count 

for(i=o; i<elementary_PID__count ; i++) { 
element ary_PID 
ECM_PID 
other 



8 

16 
xx 
8 

13 
13 
xx 



} 



} 



} 



Table 1. Program Map Table Syntax 

Referring again to Figure 3, the Program Map Table 
20 is inserted into one or more Transport Packets 54 for 

transmission to decoders. In the present embodiment, a PID 
value, Rl, is reserved for those packets. That is, any * 
Transport Packets containing all or a part of the Program Map 
Table are assigned a PID value of 'Rl' . Reserving a PID 
25 value in this manner simplifies decoder access to the Program 
Map Table, since the reserved PID value may be permanently 
stored/ or hard-wired, in each decoder. It should be noted, 
however, that the MPEG- 2 Systems Committee Draft specifies a 
more elaborate technique that allows each program definition 

3 0 to be transmitted with its own unique PID value. An 

additional table, referred to in the MPEG-2 Systems Committee 
Draft as a Program Association Table, is then provided to map 
each user selected program number to the PID value of the 
Transport Packet (s) that contain the program definition for 
35 that program number. A PID value of '0' is reserved for the 
Program Association Table. As can be appreciated, however, 
the more complex technique specified in the MPEG-2 Systems 
Committee Draft is not necessary for practicing the present 
invention. 

4 0 According to another aspect of the present 

invention, Entitlement Management Messages, which typically 
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contain decoder specific and/or system-wide conditional 
access information, are received from the control computer 47 
(Figure 2) and are inserted into respective Transport Packets 
for transmission to decoders. Because different decoders are 
5 likely to operate in accordance with different conditional 
access systems (i.e., different encryption techniques and 
different program authorization formats) , EMMs must be 
generated separately to support each such conditional access 
system. An EMM is typically addressed to a specific decoder 
or group of decoders in the communications system. Some 
applications, such as subscription television applications, 
are likely to employ millions of individual decoders, and ' 
therefore, it is likely that a correspondingly large'number 
of EMMs will be required to support each of the different 
conditional access systems employed by those decoders. A 
collection of EMMs associated with a given conditional access 
system are sometimes referred to herein as an "EMM stream". 

„ According to the present invention, the EMM streams 
for each of the different conditional access systems being 
employed by various decoders in the communications system are 
inserted into respective Transport Packet sequences, and a 
unique PID value is assigned to each sequence. For example, 
as illustrated in Figure 3, the EMM stream denoted EMM, is 
inserted into the payload portions of a sequence of Transport 
25 Packets 48 that have been assigned a PID value of «7'. 

Accordingly, the headers of each Transport Packet in that 
sequence contain a PID value of > T . Similarly, the EMM 
stream denoted EMM, is inserted into the payload portions of 
a sequence of Transport Packets 50 that have been assigned a 
30 PID value of '49'. A different PID value is associated with 
each of the different EMM streams. 

Further in accordance with the present invention, 
each conditional access system employed in the communications 
system is assigned a unique conditional access system ID 
35 (CA_System_ID) . Each decoder in the system is provided with 
the CA_System_ID associated with the conditional access 
system implemented by that decoder. The encoder 11 generates 
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a conditional access table that specifies, for each of the 
different conditional access systems, which of the EMM 
streams is applicable to that conditional access system. 
More specifically, the conditional access table specifies, 
5 for each conditional access system, the PID value assigned to 
the Transport Packets carrying the EMM stream for that 
conditional access system. 

• Figure 5 illustrates the general content and 
arrangement of a conditional access table 90 according to a 

10 preferred embodiment of the present invention. As shown, the 
conditional access table 90 begins with a conditional access 
table length field 92 that specifies the overall length of 
the conditional access table 90. The length field 92 is 
followed by a plurality of table entries 94 -- one for each 

15 of the N different conditional access systems employed by the 
various decoders in the system. Each entry 94 comprises a 
CA_System_ID field 96, which contains the unique ID assigned 
to the particular conditional access system being defined in 
that entry, and an EMM_PID field 98 that specifies the PID of 

2 0 the Transport Packets that carry the EMM stream associated 
with the conditional access system identified in the ^ 
CA_System_ID field 96. The structure of a conditional access 
table in accordance with the present invention is expressed 
in Table 2 in the formal grammar of the MPEG- 2 Systems 

2 5 Committee Draft. 



35 



Syntax 


# Bits 


CA_table () { 






CA_ t ab 1 e_l eng t h 




8 


for (i=0 ; i<N; i++) { 






CA System ID 




16 


EMM_PID 




13 


Other 




XX 








, > 1 - 













Table 2 . Conditional Access Table Syntax 

Referring again to Figure 3, the conditional access 
table is inserted into one or more Transport Packets 56 for 
transmission to each decoder. A unique PID value, R2, is 
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reserved for these Transport Packets- 56. That is, any 
Transport Packet 56 that contains all or a portion of the 
conditional access table carries a PID value of R2 in its 
header. The reserved PID value can be stored, or hard-wired, 
5 into each decoder. Upon receiving a given Transport Stream, 
a decoder can automatically extract every incoming Transport 
Packet having a PID value that matches the value, R2, 
reserved for the conditional access table. 

As can be appreciated, the use of a conditional 
access table in accordance with the present invention enables 
different decoders, each operating in accordance with a 
different conditional access system, to be employed in the 
same communications system. Each decoder can retrieve its 
associated EMM stream by first accessing the transmitted 
15 Conditional Access Table to determine the PID value of the 
Transport Packets that carry that EMM stream, and then 
extracting every incoming Transport Packet whose PID value 
matches the specified value. Applicant, on behalf of his 
Assignee, proposed this aspect of the present invention for 
inclusion in the MPEG-2 Systems specification, and the 
technique, as defined by the appended claims, was 
substantially adopted as part of that standard. According to 
the MPEG-2 Systems Committed Draft, a PID value of 'l' is 
reserved for the Transport Packets that contain portions of a 
25 conditional access table (i.e., R2 = '1'). 

In the example illustrated in Figure 3, the control 
computer 47 is responsible for generating the various EMM 
streams, the Program Map Table (PMT) and the Conditional 
Access Table (CAT) which are then respectively packetized in 
30 the encoder 11 at block 49. Each Transport Packet, including 
those containing the elementary stream data (e.g., packet 
sequences 20', 22' and 24') and the ECM data (e.g., packet 
sequences 42, 44 and 46), are provided to a transport stream 
multiplexer 58 that multiplexes the packets to form a single 
35 outgoing packet stream or "Transport Stream" on line 60. The 
Transport Stream is then transmitted via some medium (e.g. 
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satellite 203 of Figure 2) to various decoders in the 
communications system. 

Figure 6 is a simplified block diagram of an 
exemplary decoder 110 for receiving an MPEG-2 Transport 
5 Stream and for obtaining ECM and EMM data from the incoming 
Transport Stream in accordance with the methods of the 
present invention. The decoder 110 of Figure 6 may be used 
to implement block 206 of Figure 2. As shown in Figure 6, a 
Transport Stream is received by the decoder 110 on line 112 

10 and provided to a de-multiplexer/parsing unit 116. A user's 
program selection is provided to the demultiplexer 116 via 
line 114. A CA_System ID code is stored in a memory 118. As 
described above, the CA__System_ID identifies the particular 
conditional access system {i.e., encryption algorithms, 

15 authorization information format, etc.) being employed by the 
decoder 118. 

When a user selects a given program for output, the 
demultiplexer 116 first retrieves the incoming Transport 
Packets having the PID value that was reserved for the 

2 0 Program Map Table. Once received, the demultiplexer 116 then 

accesses the Program Map Table to find the program* definition 
for the program number selected by the user. The decoder 
then examines the appropriate program definition to identify 
the PIDs of the Transport Packets that carry each of the. 
25 elementary streams (e.g., video, audio, etc.) that "make-up" 
the selected program. Thereafter, the demultiplexer 116 
begins extracting every incoming Transport Packet having a 
PID that matches one of those listed in the program 
definition. For example, referring briefly to Figure 3, a 

3 0 subscriber may select a program that consists of elementary 

streams "Video 1" and "Audio 1." Transport Packets carrying 
the elementary stream data for "Video 1" each have a PID of 
'10', and the Transport Packets carrying the elementary 
stream data for "Audio 1" each have a PID of '12'. As 
35 successive packets of the Transport Stream are received, the 
demultiplexer 116 will extract every incoming Transport 
Packet having a PID of '10' or '12'. 
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According to the present invention, the 
demultiplexer/parsing unit 116 also accesses the program 
definition for the selected program to determine the PlDs of 
the Transport Packets that contain the ECMs for each 
5 elementary stream of the selected program. As described 
above, each elementary stream is uniquely, and individually, 
encrypted or scrambled by scrambling the payload sections of 
the Transport Packets that carry each respective elementary 
stream. The ECMs for a given elementary stream contain 
encryption related information necessary for decrypting that 
elementary stream. Once the demultiplexer 116 has identified 
the PIDsof the Transport Packets that contain the ECMs for 
each respective elementary stream of the selected program, 
the demultiplexer extracts those Transport Packets as they 
15 are received in the incoming Transport Stream. 

As the Transport Packets that contain the data for 
each elementary stream of the selected program are retrieved 
from the incoming Transport Stream, they are provided, in 
sequence, to a decryption/descrambling and program 
20 authorization unit 120. For example, the Transport Packets 
carrying video elementary stream data are provided to the 
decryption/descrambling unit 120 via line 122. Transport 
Packets carrying audio elementary stream data are provided to 
the unit 120 via line 124. Transport Packets containing 
other types of elementary stream data may be provided to the 
unit 120 via line 126. 

Additionally, as the Transport Packets that contain 
the ECMS for each elementary stream of the selected program 
are received, the demultiplexer 116 provides those ECMs to 
30 the decryption/descrambling unit 120 via line 128. In 

accordance with the encryption/decryption scheme employed by 
the particular conditional access subsystem of the decoder 
110, the decryption/descrambling unit 120 employs the 
information contained in the ECMs for each elementary stream 
to decrypt or descramble the payload sections of the 
Transport Packets that carry each respective elementary 
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Further in accordance with the present invention, 
the demultiplexer/parsing unit 116 extracts any incoming 
Transport Packets that have a PID value that matches the 
value reserved for the conditional access table. From these 
5 Transport Packets, the conditional access table is obtained. 
Using the CA_System_ID assigned to the decoder and stored at 
118 as an index into the conditional access table, the 
decoder accesses the conditional access table to determine 
the PID associated with the Transport Packets that carry the 

10 EMM stream for the conditional access system employed by the 
decoder 110. The decoder 110 thereafter extracts every 
incoming Transport Packet having the PID value specified in 
the conditional access table. As each such Transport Packet 
is extracted, the Entitlement Management Messages (EMMs) in 

15 the packets are extracted and provided to the 
decryption/descrambling unit 120 via line- 10. 

As explained above, EMMs may contain decoder 
specific information, such as program authorization 
information, as well as system-wide conditional access 

2 0 information. A given EMM may be addressed to a specific 

decoder, a selected group of decoders, or all decoders 
operating in accordance with the corresponding conditional 
access system. Assuming that the information contained in an 
EMM addressed to the decoder 110 authorizes the. decoder to 
25 retrieve and output the program selected by the user, the 
decrypting/descrambling unit 120 will provide the 
decrypted/descrambled Transport Packets for each elementary 
stream of that program to a depacketizer 10. Depacketizer 10 
operates in accordance with the MPEG-2 Transport Stream 

3 0 protocol to recover the raw elementary stream data of each 

elementary stream of the selected program. Audio and video 
related elementary stream data is provided to respective 
buffers 134, 13 6 and then to respective decoders 138 , 140 
which decode the elementary stream data to produce analog 
35 video and audio signals for output to a display device (not 
shown). Other elementary' stream data, such as, for example, 
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teletext or computer data may be output via line 142 to an 
appropriate device (not shown) . 

Figure 7A is a flow diagram illustrating both the 
operation of the encoder 11 of Figure 3 and a preferred 
5 embodiment of one aspect of the method of the present 

invention. According to the method of the present invention, 
at step 150, the encoder generates an appropriate set of 
Entitlement Control Messages (ECMs) for each 
encrypted/scrambled elementary stream to be transmitted by 
10 the encoder. As explained above, the ECMs for a given 

elementary stream contain the encryption-related information 
needed by a decoder to decrypt the encrypted data for that 
elementary stream. Next, at step 152, the ECMs for each 
elementary stream are inserted into respective sequences of 
15 Transport Packets (e.g., the Transport Packet sequences 42, 
44.. 46 of Figure 3). At step 154, for each elementary 
stream, the encoder assigns a unique Packet_ID (PID) to each 
Transport Packet in the sequence that carries the ECMs for 
that elementary stream. For example, in the example 
illustrated in Figure 3, each Transport Packet in the 
sequence of Transport Packets 42 that carry the ECMs for 
video elementary stream "Video 1" is assigned a PID value of 
'27' . 

Next, at step 156, the encoder generates additional 
information in the form of a first table that specifies, for 
each elementary stream, the PID value of the Transport 
Packets that carry the ECMs for that elementary stream. As 
explained above, in the present embodiment, this "first 
table" is incorporated as part of a Program Map Table that 
3 0 contains a program definition for each user selectable 

program transmitted in the Transport Stream generated by the 
encoder. Figure 4 and Table 1 illustrate one embodiment of a 
Program Map Table that includes the additional information 
generated by the encoder 11 in accordance with the present 
35 invention. It should be noted, however, that this 

information (i.e., a listing of the PIDs of the Transport 
Packets that contain the ECM data for each elementary stream) 
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does not have to be incorporated in a Program Map Table or 
similar structure. Rather, if desired, the additional 
information (i.e., "first table") may be transmitted 
separately from the Program Map Table. 
5 Finally, at step 158, the Program Map Table is 

transmitted to one or more decoders in the system along with 
the Transport Packets that contain the ECMs for each 
elementary stream. As described above, in the present 
embodiment, the Program Map Table is inserted in dedicated 

10 Transport Packets (e.g. Packets 54 of Figure 3), and the 

Transport Packets that contain all or part of the Program Map 
Table are assigned a reserved PID value, R x . The reserved 
PID, R lf can be stored, or hard- wired, in each decoder to 
facilitate extraction of the Program Map Table at each 

15 decoder. As further explained above, the MPEG-2 Systems 

Committee Draft specifies a more elaborate technique in which 
each program definition of the Program Map Table may be 
transmitted in a Transport Packet having its own unique PID 
value. An additional table, referred to in the MPEG-2 

2 0 Systems Committee Draft as a Program Association Table, is 

then provided to map each user selected program number to the 
PID value of the Transport Packet (s) that contain the program 
definition for that program number. A PID value of '0' is 
reserved for the Program Association Table. As mentioned 

2 5 above, however, the more complex technique specified in the 

MPEG-2 Systems Committee Draft is not necessary for 
practicing, the present, invention. 

Figure 7B illustrates a number of additional steps 
that are performed by the encoder in accordance with another 

3 0 aspect of the method of the present invention. In 

particular, the steps of Figure 7B illustrate a method for 
providing separate Entitlement Management Messages (EMMs) to 
decoders in a Packet -based communications system, wherein 
different decoders operate in accordance with different 
35 conditional access systems. The term "conditional access 
system" refers to a particular decoder's implementation of 
access related techniques such as encryption or scrambling 
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techniques and programming authorization techniques. As 
illustrated in Figure 7B, at step 160, the encoder receives a 
plurality of different EMM streams from the control computer 
47, one for each of the different conditional access systems 
5 employed by the various decoders in the communications 

system. At step 162, each of the different EMM streams is 
inserted into the payload sections of a respective sequence 
of Transport Packets (e.g., Transport Packet sequences 48, 
50.. 52 of Figure 3). At step 164, the encoder assigns a ' 
unique PID to each EMM stream, and for each stream, inserts 
the assigned PID in the header of each Transport Packet that 
carries a portion of that EMM stream. 

Next, at step 166, the encoder generates a second 
table, defined herein as a conditional access table, that 
specifies, for each conditional access system present in the 
communications system, the PID value of the Transport Packets 
that carry the EMM stream associated with that conditional 
access system. A preferred structure for the conditional 
access table (i.e., "second table") is illustrated in Figure 
20 5, as well as in Table 2. At step 168, the decoder transmits 
the conditional access table (CAT) to each decoder in the 
system along with the Transport Packets that contain the EMM 
streams for each of the different conditional systems 
employed. As described above, in the present embodiment, the 
Conditional Access Table is inserted into one or more 
Transport Packets for transmission to each decoder. A unique 
PID value, R2, is reserved for the Transport Packets that 
carry the Conditional Access Table. As explained above, 
after adopting this aspect of the present invention, the 
drafters of the MPEG- 2 Systems standard assigned a reserved 
PID value of 'l< to the Transport Packets that carry the 
Conditional Access Table. The reserved PID value, R 2 , can be 
stored or hard-wired in each decoder to facilitate extraction 
of the Conditional Access Table by each decoder. 

Figure 8A illustrates the steps to be performed by 
a decoder, such as the decoder 110 of Figure 6, in accordance 
with a preferred embodiment of the methods of the present 
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invention. As shown in Figure 8A, at step 170, the decoder 
obtains a user's program selection. At step 172, the decoder 
extracts the Transport Packets that contain the Program Map 
Table from the incoming Transport Stream and retrieves the 
5 Program Map Table from those packets. As explained above, in 
the present embodiment, the "first table" described above is 
incorporated as part of the Program Map Table. A PID value, 
R 1# is reserved for the Transport Packets that contain the 
Program Map Table. After retrieving the Program Map Table, 

10 the decoder accesses the Program Map Table to obtain the 
program definition for the program selected by the user. 
From the program definition for the selected program, the 
decoder determines the Packet__IDs (PIDs) associated with the 
Transport Packets that carry the data for each elementary 

15 stream of the selected program. Thereafter, at step 174, the 
decoder begins extracting every incoming Transport Packet 
whose PID value matches one of those listed in the program 
definition for the selected program. 

At step 176, the decoder accesses the additional 

20 conditional access related information incorporated in the 
Program Map Table in accordance with the present embodiment 
of the invention. As explained above, that information 
specifies, for each elementary stream, the PID value of the 
Transport Packets that carry the ECMs needed for decrypting 

25 that elementary stream. In the present embodiment, the PIDs 
of the Transport Packets that carry the ECMs for the 
elementary streams of the selected program are identified in 
the program definition for that program. Thus, in step 176, 
the decoder again accesses the program definition for the 

3 0 selected program and determines therefrom the PID values of 
the Transport Packets that contain the ECMs for each of the 
elementary streams of that program. Thereafter, at step 178, 
the decoder begins extracting every incoming Transport Packet 
that has a PID value that matches one of those listed in the 

35 program definition. The individual ECMs for each elementary- 
stream are then retrieved from the extracted Transport 
Packets and employed by the decryption/descrambling unit in 
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the decoder to decrypt/descramble the corresponding 
elementary stream data, as illustrated at steps 180 and 182. 

Figure 8B illustrates additional steps to be 
performed by a decoder in accordance with the methods of the 
5 present invention. In particular, Figure SB illustrates the 
steps to be performed by the decoder in order to obtain the 
Entitlement Management Messages (EMMs) that pertain to the 
particular conditional access system employed by the decoder. 
As explained above, each decoder is provided with a 
CA_System_ID that identifies the particular conditional 
access system employed by that decoder. As shown at step 
190, in accordance with the present invention, the decoder 
first extracts the conditional access table (i.e., "second 
table") from the incoming Transport Stream. As explained 
15 above, the Conditional Access Table is transmitted to the 
decoder in one or more Transport Packets having a second 
reserved PID value, R 2 . Accordingly, the decoder can obtain 
the Conditional Access Table by extracting any incoming 
Transport Packets that have that reserved PID value. 
20 0nce the Conditional Access Table has been 

obtained, the decoder uses the CA_jSystem_ID stored in the 
decoder as an index into the table to determine the PID value 
of the Transport Packets that carry the EMM stream that 
pertains to the particular conditional access system 
25 identified by the decoder's CA_System__ID . Thereafter, at 
step 194, the decoder begins extracting every incoming 
Transport Packet that has the PID value associated with that 
EMM stream. The individual EMMs may then be retrieved from 
the extracted Transport Packets and processed accordingly. 
30 As the foregoing illustrates, the present invention 

is directed to methods for providing conditional access 
information to decoders in a packet -based multiplexed 
communications system. One aspect of the present invention 
is directed to a method for providing stream-specific 
35 encryption related information to a decoder and for 

facilitating decoder access to that information. Another 
aspect of the present invention is directed to a method for 
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providing conditional access information for each of a number 
of different conditional access systems that may be employed 
by various decoders in a packet-based multiplexed 
communications system, and for facilitating access by each 
5 decoder to the conditional access information that pertains 
to the particular conditional access system implemented by 
that decoder. While the methods of the present invention 
have been described herein in the context of a packet-based 
multiplexed communications system operating substantially in 

10 accordance with the MPEG- 2 Systems standard, it is understood 
that the present invention is by no means limited thereto. 
Rather, the present invention may be employed in any packet - 
based multiplexed communications system wherein conditional 
access information must be provided to decoders in the 

15 system. It is understood, therefore, that changes may be 
made to the embodiments described above without departing 
from the broad inventive concepts thereof. Accordingly, this 
invention is not limited to the particular embodiments 
disclosed, but is intended to cover all modifications that 

2 0 are within the scope and spirit of the invention as defined 
by the appended claims . 
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WHAT IS CLAIMED IS: 



15 



1. In a packet-based multiplexed communications 
system wherein a plurality of different elementary streams 
are each segmented and inserted into respective transport 
packets that are then multiplexed to form a single transport 
5 stream for transmission to a remote location, and further 
wherein a plurality of different sets of conditional access 
information must be transmitted to the remote location, a 
method of providing the different sets of conditional access 
information to the remote location comprising the steps of: 
10 a > for each set of conditional access 

information: 

i) inserting the set of conditional access 
information into a respective sequence of transport packets; 

xi) assigning a unique packet ID to the set 
of conditional access information and inserting the unique 
packet ID in a header section of each transport packet of the 
sequence that carries that set of conditional access 
information; 

b) generating a table that specifies, for each 
set of conditional access information, the packet ID of the 
transport packets that carry that set of conditional access 
information; and 

c) transmitting the table and the transport 
packets that carry each of the different sets of conditional 
access information to the remote location along with the 
transport packets that carry the different elementary 
streams, 

whereby a decoder at the remote location can employ 
the transmitted table to identify and extract the transport 
packets that carry a selected one of the sets of conditional 
access information. 



20 



25 



30 



2. The method of claim 1 wherein each of said 
different sets of conditional access information comprise 
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encryption related information for a respective one of said 
different elementary streams. 

3 . The method of claim 1 wherein each of said 

5 different sets of conditional access information comprises 
information related to a different conditional access system. 

4. In a packet-based multiplexed communications 
system wherein a plurality of different elementary streams 

10 are each segmented and inserted into respective transport 

packets that are then multiplexed to form a single transport 
stream for transmission to a remote location, and wherein the 
elementary streams are separately and uniquely encrypted 
prior to transmission, and further wherein encryption related 

15 information specific to each elementary stream is generated 
and must be provided to the remote location for decryption 
purposes, a method of providing the encryption related 
information for each elementary stream to the remote location 
comprising the steps of: 

20 a) for each elementary stream, inserting the 

encryption related information for that elementary stream 
into- a respective sequence of transport packets; 

b) generating a table that specifies, for each 
elementary stream, which of the transport packets generated 

25 in step (a) carry the encryption related information for that 
elementary stream; and 

C) transmitting the table and the transport 
packets that carry the encryption related information for 
each elementary stream to the remote location along with the 

3 0 transport packets that carry the encrypted data of each 
elementary stream, 

whereby a decoder at the remote location can access 
the first table to identify which transport packets 
transmitted in step (c) carry the encryption related 

3 5 information for a selected one of the elementary streams. 
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5. The method recited in claim 4 wherein step (a) 
further comprises, for each elementary stream, assigning a 
unique packet ID to the encryption related information for 
that elementary stream and inserting the assigned packet ID 
5 in a header section of each transport packet that carries a 
portion of the encryption related information for that 
elementary stream. 



10 



6. The method recited in claim 5 wherein step (b) 
comprises generating a table that specifies, for each 
elementary stream, the packet ID of the transport packets 
that carry the encryption related information for that 
elementary stream. 

15 7 " The method recited in claim 4 wherein 

different groups of related elementary streams define a 
plurality of different programs, and wherein said table is 
.incorporated as part of a Program Map Table that specifies, 
for each of said different programs, which of the different 
elementary streams comprise that program. 



20 



8. In a packet-based multiplexed communications 
system in which a plurality of different elementary streams 
are each segmented and inserted into respective transport 

25 packets that are then multiplexed to form a single transport 
stream for transmission to a plurality of different remote 
locations, each remote location employing a decoder, each 
decoder operating in accordance with one of a plurality of 
different conditional access systems, wherein a different set 

30 of conditional access information must be provided to the 

remote locations for each of the different conditional access 
systems, a method of providing the different sets of 
conditional access information to the remote locations 
comprising the steps of: 

35 a) for each different set of conditional access 

information: 
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i) inserting the set of conditional access 
information into a respective sequence of transport packets; 

ii) assigning a unique packet ID to the set 
of conditional access information and inserting the unique 

5 packet ID in a header section of each transport packet of the 
sequence that carries that set of conditional access 
information; 

b) generating a table that specifies, for each of 
said different conditional access systems, the packet ID of 

10 the transport packets that carry the set of conditional 

access information for that conditional access system; and 

c) transmitting the table and the transport 
packets that carry each of the different sets of conditional 
access information to the remote location along with the 

15 transport packets that carry the different elementary 
streams, 

whereby a decoder at a remote location, which 
operates in accordance with one of said different conditional 
access systems, can employ the transmitted table to identify 
2 0 and extract the transport packets that carry the set of 

conditional access information for the conditional access 
system upon which that decoder operates. 

9. The method recited in claim 8 wherein each of 
25 said different sets of conditional access information 

comprises a plurality of Entitlement Management Messages 
unique to a particular one of said different conditional 
access systems. 
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